Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.APPLETV_11.NASL
HistorySep 22, 2017 - 12:00 a.m.

Apple TV < 11 Multiple Vulnerabilities

2017-09-2200:00:00
This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
48
JSON

According to its banner, the version of Apple TV on the remote device is prior to 11. It is, therefore, affected by multiple vulnerabilities as described in the HT208113 security advisory.

Note that only 4th generation models are affected by these vulnerabilities.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(103419);
  script_version("1.10");
  script_cvs_date("Date: 2019/11/12");

  script_cve_id(
    "CVE-2017-7080",
    "CVE-2017-7081",
    "CVE-2017-7083",
    "CVE-2017-7086",
    "CVE-2017-7087",
    "CVE-2017-7090",
    "CVE-2017-7091",
    "CVE-2017-7092",
    "CVE-2017-7093",
    "CVE-2017-7094",
    "CVE-2017-7095",
    "CVE-2017-7096",
    "CVE-2017-7098",
    "CVE-2017-7099",
    "CVE-2017-7100",
    "CVE-2017-7102",
    "CVE-2017-7103",
    "CVE-2017-7104",
    "CVE-2017-7105",
    "CVE-2017-7107",
    "CVE-2017-7108",
    "CVE-2017-7109",
    "CVE-2017-7110",
    "CVE-2017-7111",
    "CVE-2017-7112",
    "CVE-2017-7114",
    "CVE-2017-7115",
    "CVE-2017-7116",
    "CVE-2017-7117",
    "CVE-2017-7120",
    "CVE-2017-7127",
    "CVE-2017-7128",
    "CVE-2017-7129",
    "CVE-2017-7130",
    "CVE-2017-11120",
    "CVE-2017-11121"
  );
  script_bugtraq_id(
    100924,
    100927,
    100984,
    100985,
    100986,
    100987,
    100990,
    100992,
    100994,
    100995,
    100998,
    101005,
    101006
  );

  script_name(english:"Apple TV < 11 Multiple Vulnerabilities");
  script_summary(english:"Checks the build number.");

  script_set_attribute(attribute:"synopsis", value:
"The remote Apple TV device is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its banner, the version of Apple TV on the remote device
is prior to 11. It is, therefore, affected by multiple vulnerabilities
as described in the HT208113 security advisory.

Note that only 4th generation models are affected by these
vulnerabilities.");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT208113");
  # https://lists.apple.com/archives/security-announce/2017/Sep/msg00004.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?27cd33f6");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Apple TV version 11 or later. Note that this update is only
available for 4th generation models.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-11121");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/09/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/09/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/09/22");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:apple_tv");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("appletv_version.nasl");
  script_require_keys("AppleTV/Version", "AppleTV/Model", "AppleTV/URL", "AppleTV/Port");
  script_require_ports("Services/www", 7000);

  exit(0);
}

include("audit.inc");
include("appletv_func.inc");

url = get_kb_item('AppleTV/URL');
if (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.');
port = get_kb_item('AppleTV/Port');
if (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.');

build = get_kb_item('AppleTV/Version');
if (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV');

model = get_kb_item('AppleTV/Model');
if (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.');

fixed_build = "15J381";
tvos_ver = '11';

# determine gen from the model
gen = APPLETV_MODEL_GEN[model];

appletv_check_version(
  build          : build,
  fix            : fixed_build,
  affected_gen   : 4,
  fix_tvos_ver   : tvos_ver,
  model          : model,
  gen            : gen,
  port           : port,
  url            : url,
  severity       : SECURITY_HOLE
);
VendorProductVersionCPE
appleapple_tvcpe:/a:apple:apple_tv

References

Related

openvas 6
nessus 8
kaspersky 2
ubuntu 1
zdt 10
apple 14
mageia 1
lenovo 2
threatpost 2
freebsd 1
cve 36
android 2
seebug 7
prion 36
debiancve 19
ubuntucve 19
zdi 5
checkpoint_advisories 1
packetstorm 1
thn 1
suse 2
googleprojectzero 1
androidsecurity 1
openvas
openvas
Apple iTunes Security Updates (HT208141)
2017-10-25 00:00:00
Apple iCloud Security Updates(HT208142)
2017-09-26 00:00:00
Ubuntu Update for webkit2gtk USN-3460-1
2017-10-25 00:00:00
nessus
nessus
Apple iTunes < 12.7 WebKit Multiple Vulnerabilities (uncredentialed check)
2017-09-27 00:00:00
Apple iTunes < 12.7 WebKit Multiple Vulnerabilities (credentialed check)
2017-09-27 00:00:00
Ubuntu 16.04 LTS : WebKitGTK+ vulnerabilities (USN-3460-1)
2017-10-24 00:00:00
kaspersky
kaspersky
KLA11127 Multiple vulnerabilities in Apple iTunes
2017-09-25 00:00:00
KLA11126 Multiple vulnerabilities in Apple Safari
2017-10-23 00:00:00
ubuntu
ubuntu
WebKitGTK+ vulnerabilities
2017-10-23 00:00:00
zdt
zdt
WebKitGTK+ Code Execution / Cookie Handling / Memory Corruption Vulnerabilities
2017-10-19 00:00:00
Broadcom 802.11r (FT) Reassociation Response Overflows Vulnerability
2017-09-26 00:00:00
Apple PCIe Message Ring Protocol Race Conditions Vulnerability
2017-09-24 00:00:00
apple
apple
About the security content of Safari 11
2017-09-19 00:00:00
About the security content of Safari 11 - Apple Support
2018-02-14 07:14:51
About the security content of iTunes 12.7 for Windows - Apple Support
2018-10-18 05:03:03
mageia
mageia
Updated webkit2 packages fix security vulnerabilities
2017-11-27 00:18:31
lenovo
lenovo
Broadcom WiFi Buffer Overflow Vulnerability - Lenovo Support US
2018-06-27 00:28:00
Broadcom WiFi Buffer Overflow Vulnerability - US
2018-06-27 00:28:00
threatpost
threatpost
Lenovo Warns Critical WiFi Vulnerability Impacts Dozens of ThinkPad Models
2018-02-09 12:59:46
Remote Wi-Fi Attack Backdoors iPhone 7
2017-09-27 08:00:25
freebsd
freebsd
webkit2-gtk3 -- multiple vulnerabilities
2017-10-18 00:00:00
cve
cve
CVE-2017-11121
2017-09-28 01:29:00
CVE-2017-11120
2017-09-28 01:29:00
CVE-2017-7105
2017-10-23 01:29:00
android
android
CVE-2017-11121
2017-09-01 00:00:00
CVE-2017-11120
2017-09-01 00:00:00
seebug
seebug
Broadcom: Multiple overflows when handling 802.11r (FT) Reassociation Response(CVE-2017-11121)
2017-09-29 00:00:00
Broadcom: OOB write when handling 802.11k Neighbor Report Response(CVE-2017-11120)
2017-09-29 00:00:00
Apple: Heap overflow and information disclosure in "setVendorIE" when handling ioctl results(CVE-2017-7110)
2017-10-10 00:00:00
prion
prion
Buffer overflow
2017-09-28 01:29:00
Stack overflow
2017-09-28 01:29:00
Design/Logic Flaw
2017-10-23 01:29:00
debiancve
debiancve
CVE-2017-7120
2017-10-23 01:29:00
CVE-2017-7093
2017-10-23 01:29:00
CVE-2017-7109
2017-10-23 01:29:00
ubuntucve
ubuntucve
CVE-2017-7109
2017-10-18 00:00:00
CVE-2017-7107
2017-10-18 00:00:00
CVE-2017-7120
2017-10-18 00:00:00
zdi
zdi
Apple Safari RenderFlowThread Out-Of-Bounds Access Remote Code Execution Vulnerability
2017-09-26 00:00:00
Apple Safari RegExp replace Out-Of-Bounds Access Remote Code Execution Vulnerability
2017-09-26 00:00:00
Apple Safari BoundFunction Out-Of-Bounds Access Remote Code Execution Vulnerability
2017-09-26 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple WebKit Denial of Service (CVE-2017-7092)
2019-04-02 00:00:00
packetstorm
packetstorm
WebKit JSC Incorrect Optimization
2017-10-03 00:00:00
thn
thn
Google Researcher Publishes PoC Exploit for Apple iPhone Wi-Fi Chip Hack
2017-09-26 23:49:00
suse
suse
Security update for webkit2gtk3 (important)
2018-02-01 00:14:30
Security update for webkit2gtk3 (important)
2018-01-25 21:10:00
googleprojectzero
googleprojectzero
Over The Air - Vol. 2, Pt. 2: Exploiting The Wi-Fi Stack on Apple Devices
2017-10-03 00:00:00
androidsecurity
androidsecurity
Android Security Bulletinโ€”September 2017
2017-09-05 00:00:00
JSON
Related for APPLETV_11.NASL
openvas6nessus8kaspersky2ubuntu1zdt10apple14mageia1lenovo2threatpost2freebsd1cve36android2seebug7prion36debiancve19ubuntucve19zdi5checkpoint_advisories1packetstorm1thn1suse2googleprojectzero1androidsecurity1